2.4.3 Use Case C
An EHR-integrated1 diabetes management app allows a consumer to collect blood sugar readings through a Bluetooth-enabled glucometer. A healthcare provider offers the app to enable the patient's2 blood sugar to be captured through devices, rather than relying on manual entry by the patient, and to electronically transmit the readings to the patient’s physician, rather than using paper or FAX. Activity data are collected through an activity tracker, and a consumer can open the app to record meals and snacks to enable estimates of caloric consumption.
|
|
EHR Integrated
|
|
Medical Device App Categorization
|
Medical
|
|
Data Device Categorization
|
Regulated Device
|
|
PHI Data Storage
|
Cloud/EHR
|
|
Data transmission by App
|
Device-App-Cloud-EHR
|
|
Importance of Data Integrity
|
High
|
|
(USA) HIPAA covered?
|
Yes
|
1. “EHR-Integrated” in this example means that the app is designed and developed as part of the EHR application and offered by a provider, i.e., it is not standalone or independent of an EHR. “EHR+” includes provider software, e.g., administrative systems, beyond the scope of an EHR. Note that even if the consumer sends data to an EHR, and the EHR accepts the data, that does not in itself make the app developer a business associate of the covered entity (source: Office of Civil Right Health App Use Scenarios and HIPAA).
2. The “consumer” and the “patient” are the same person in this example. From the EHR’s perspective, the record is a patient record.